1 files changed, 35 insertions, 1 deletions
diff --git a/meta-oe/classes/signing.bbclass b/meta-oe/classes/signing.bbclass
index c768371151..5992a75be7 100644
--- a/meta-oe/classes/signing.bbclass
+++ b/meta-oe/classes/signing.bbclass
@@ -145,9 +145,43 @@ signing_import_cert_from_der() {
    signing_pkcs11_tool --type cert --write-object "${der}" --label "${cert_name}"
 }
-# signing_import_cert_chain_from_pem <role> <pem>
+# signing_import_set_ca <cert_name> <ca_cert_name>
+#
+# Link the certificate from <cert_name> to its issuer stored in
+# <ca_cert_name> By walking this linked list a CA-chain can later be
+# reconstructed from the involed roles.
+signing_import_set_ca() {
+    local cert_name="${1}"
+    local ca_cert_name="${2}"
+    echo "_SIGNING_CA_${cert_name}_=\"${ca_cert_name}\"" >> $_SIGNING_ENV_FILE_
+    echo "added link from ${cert_name} to ${ca_cert_name}"
+}
+# signing_get_ca <cert_name>
 #
+# returns the <ca_cert_name> that has been set previously through
+# signing_import_set_ca; or the empty string if none was set
+signing_get_ca() {
+    local cert_name="${1}"
+    eval local ca_cert_name="\$_SIGNING_CA_${cert_name}_"
+    echo "$ca_cert_name"
+}
+# signing_has_ca <cert_name>
+#
+# check if the cert_name links to another cert_name that is its
+# certificate authority/issuer.
+signing_has_ca() {
+    local ca_cert_name="$(signing_get_ca ${1})"
+    test -n "$ca_cert_name"
+    return $?
+}
+# signing_import_cert_chain_from_pem <role> <pem>
+#
 # Import a certificate *chain* from a PEM file to a role.
 # (e.g. multiple ones concatenated in one file)
 #

diff --git a/meta-oe/classes/signing.bbclass b/meta-oe/classes/signing.bbclass index c768371151..5992a75be7 100644 --- a/meta-oe/classes/signing.bbclass +++ b/meta-oe/classes/signing.bbclass
@@ -145,9 +145,43 @@ signing_import_cert_from_der() {
145	signing_pkcs11_tool --type cert --write-object "${der}" --label "${cert_name}"	145	signing_pkcs11_tool --type cert --write-object "${der}" --label "${cert_name}"
146	}	146	}
147		147
148	# signing_import_cert_chain_from_pem <role> <pem>	148	# signing_import_set_ca <cert_name> <ca_cert_name>
		149	#
		150	# Link the certificate from <cert_name> to its issuer stored in
		151	# <ca_cert_name> By walking this linked list a CA-chain can later be
		152	# reconstructed from the involed roles.
		153	signing_import_set_ca() {
		154	local cert_name="${1}"
		155	local ca_cert_name="${2}"
		156
		157	echo "_SIGNING_CA_${cert_name}_=\"${ca_cert_name}\"" >> $_SIGNING_ENV_FILE_
		158	echo "added link from ${cert_name} to ${ca_cert_name}"
		159	}
		160
		161	# signing_get_ca <cert_name>
149	#	162	#
		163	# returns the <ca_cert_name> that has been set previously through
		164	# signing_import_set_ca; or the empty string if none was set
		165	signing_get_ca() {
		166	local cert_name="${1}"
150		167
		168	eval local ca_cert_name="\$_SIGNING_CA_${cert_name}_"
		169	echo "$ca_cert_name"
		170	}
		171
		172	# signing_has_ca <cert_name>
		173	#
		174	# check if the cert_name links to another cert_name that is its
		175	# certificate authority/issuer.
		176	signing_has_ca() {
		177	local ca_cert_name="$(signing_get_ca ${1})"
		178
		179	test -n "$ca_cert_name"
		180	return $?
		181	}
		182
		183	# signing_import_cert_chain_from_pem <role> <pem>
		184	#
151	# Import a certificate chain from a PEM file to a role.	185	# Import a certificate chain from a PEM file to a role.
152	# (e.g. multiple ones concatenated in one file)	186	# (e.g. multiple ones concatenated in one file)
153	#	187	#